[mile] FW: I-D Action: draft-ietf-mile-rfc5070-bis-23.txt
"Roman D. Danyliw" <rdd@cert.org> Mon, 20 June 2016 13:44 UTC
Return-Path: <rdd@cert.org>
X-Original-To: mile@ietfa.amsl.com
Delivered-To: mile@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9F6EC12D0C7 for <mile@ietfa.amsl.com>; Mon, 20 Jun 2016 06:44:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level:
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cert.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id HAOXk5qhrF7V for <mile@ietfa.amsl.com>; Mon, 20 Jun 2016 06:44:20 -0700 (PDT)
Received: from plainfield.sei.cmu.edu (plainfield.sei.cmu.edu [192.58.107.45]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2183F12D0F4 for <mile@ietf.org>; Mon, 20 Jun 2016 06:44:20 -0700 (PDT)
Received: from pawpaw.sei.cmu.edu (pawpaw.sei.cmu.edu [10.64.21.22]) by plainfield.sei.cmu.edu (8.14.4/8.14.4/1543) with ESMTP id u5KDiInx013094 for <mile@ietf.org>; Mon, 20 Jun 2016 09:44:18 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cert.org; s=jthatj15xw2j; t=1466430259; bh=4bvfPwmveFqPGZpkQfPXzmYHlgmkycdwMhUgxeZQ9Kk=; h=From:To:Subject:Date:Message-ID:References:In-Reply-To: Content-Type:Content-Transfer-Encoding:MIME-Version:Sender: Reply-To:Cc; b=YOZt1VFct3Jhdq+H+nLET7ir9tmB+uZbStAi0BtJSVWeig+qjQfQQRJRtHL1vainF X6cwuAi44kwCfpxl08P1XzxgNrStpgW8aPPaKFfqtD3/1Y2jcfk30kHxOs9pv/LDpO wsoOmxlHWHbsJY1OlTK+Gy+3oWDskk5Uk7bjXhvY=
Received: from CASSINA.ad.sei.cmu.edu (cassina.ad.sei.cmu.edu [10.64.28.249]) by pawpaw.sei.cmu.edu (8.14.4/8.14.4/1543) with ESMTP id u5KDi9CG021513 for <mile@ietf.org>; Mon, 20 Jun 2016 09:44:09 -0400
Received: from MARATHON.ad.sei.cmu.edu ([10.64.28.250]) by CASSINA.ad.sei.cmu.edu ([10.64.28.249]) with mapi id 14.03.0279.002; Mon, 20 Jun 2016 09:44:08 -0400
From: "Roman D. Danyliw" <rdd@cert.org>
To: "mile@ietf.org" <mile@ietf.org>
Thread-Topic: [mile] I-D Action: draft-ietf-mile-rfc5070-bis-23.txt
Thread-Index: AQHRyvffSldoloCaaUumJk8NcA6gpp/yW8lg
Date: Mon, 20 Jun 2016 13:44:08 +0000
Message-ID: <359EC4B99E040048A7131E0F4E113AFCD9766770@marathon>
References: <20160620133000.30084.55263.idtracker@ietfa.amsl.com>
In-Reply-To: <20160620133000.30084.55263.idtracker@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.64.22.6]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: <https://mailarchive.ietf.org/arch/msg/mile/u1Cu9jnPIKCXtaH8EW91T6IXHJ4>
Subject: [mile] FW: I-D Action: draft-ietf-mile-rfc5070-bis-23.txt
X-BeenThere: mile@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Managed Incident Lightweight Exchange, IODEF extensions and RID exchanges" <mile.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mile>, <mailto:mile-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mile/>
List-Post: <mailto:mile@ietf.org>
List-Help: <mailto:mile-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mile>, <mailto:mile-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 20 Jun 2016 13:44:23 -0000
Hello,
The following is the changelog for -23. It addresses feedback from the IETF last call and IESG review.
(1) (schema) Reordered the schema and text definition of the child classes of the Observable class
(2) (text) Removed an extra definition of EventData in the text description of the Observable class
(3) (text) Corrected the line numbers in Figures 68 and 69
(4) (schema) Added IndicatorExpression/AdditionalData to the schema; it was in the text
(5) (text) Updated XML reference [W3C.XML] from the W3C 2nd edition to 5th edition
(6) (text) Updated XML Namespace reference [W3C.XMLNS] from 1999 edition to 2009 edition
(7) (text) Updated text to fixed inconsistency in cardinality of EventData/ReportTime (per Takeshi Takahashi's IETF LC review)
(8) (text) Removed duplicate Service class from figure in Observable class (per Takeshi Takahashi's IETF LC review)
(9) (text) Corrected data type of Address@vlan-num to be INTEGER in the text (per Takeshi Takahashi's IETF LC review)
(10) (text) Per Item #4 of Section 5.2, added new language around the idea that "IODEF parsers s/MUST/SHOULD/ reject syntax errors" (per discussion around Item #1 of Robert Sparks's security review; Comment #8 of Stephen Farrell's IESG review; Comment #2 of Ben Campbell's IESG review)
(11) (text) Per Item #5 of Section 5.2, added new language around the idea that "parsers s/SHOULD NOT/MUST NOT/ download schemas at runtime" (per discussion around Item #1 of Robert Sparks's security review; Comment #2 of Ben Campbell's IESG review)
(12) (text) Modified Section 4.3 to clarify the periodicity of downloading additional enumerated values from IANA registries (per discussion around Item #1 of Robert Sparks's security review; Comment #2 of Ben Campbell's IESG review)
(13) (text) Added language to the Security Considerations section on downloading the enumerated values (per discussion around Item #1 of Robert Sparks's security review; Discuss #1 of of Alexey Melnikov's IESG review; Comment #9 of Stephen Farrell's IESG review; Comment #2 of Ben Campbell's IESG review)
(14) (text) Clarified the executible content language in the Security Considerations section (per Item #2 of Robert Sparks's security review; Comment #2 of Ben Campbell's IESG review)
(15) (text) Added language about out-of-band field semantics in the Security Consideratios section (per Item #3 of Robert Sparks's security review; Comment #2 of Ben Campbell's IESG review)
(16) (text) Updated reference for PHONE to be E.164 (Per Nit A of Robert Sparks's Security Review; Comment #2 of Ben Campbell's IESG review)
(17) (text) Removed example in Section 4.1 that had no charactering encoding. Removed RFC2978 reference. (Per Nit B of Robert Sparks's Security Review; Comment #2 of Ben Campbell's IESG review)
(18) (text) Replaced RFC-ENUM and RFI-SCI reference names to be the corresponding RFC number (per Nit C of Robert Sparks's Security Review; Comment #2 of Ben Campbell's IESG review)
(19) (schema) Added IndicatorExpression/Confidence to the schema (per Discuss #1 of Alissa Cooper; Comment #2 of Ben Campbell's IESG review)
(20) (text) Added Figure 70 (per Discuss #1 of Alissa Cooper; Comment #2 of Ben Campbell's IESG review)
(21) (text) Removed uses of "cyber" as an adjective in all places in the document except for in the term "cyber-physical system" and the title. (per Comment #1 of Alissa Cooper's; Comment #1 of Stephen Farrell IESG review; Comment #2 of Ben Campbell's IESG review)
(22) (text) Removed Contact@role="zone" (per Comment #2 of Alissa Cooper's IESG review; Comment #2 of Ben Campbell's IESG review)
(23) (text) Added additional text about processing Confidence values in the Security Considerations (per Discuss #1 of Stephen Farrell's IESG review)
(24) (text) Added Address@type={ipv4-net-masked, ipv6-net-masked} (per Discussion #2 of Stephen Farrell's IESG review)
(25) (text) Updated regex of TIMEZONE to include leap-seconds (per Comment #3 of of Stephen Farrell's IESG review)
(26) (text) Added reference to RFC6531 in Section 2.12, Email string (per Comment 4 of Stephen Farrell's IESG review)
(27) (text) Removed Address@type="ipv6-net-mask" (per Comment #6 of Stephen Farrell's IESG review)
(28) (text) Added reference to RFC4291 for Address@type="ipv6-addr-net" and RFC5952 for Address@type="ipv6-addr" (per Comment #6 of Stephen Farrell's IESG review)
(29) (text) Removed the RFC822 reference in Section 3.29.3.1; now defer to definition in Section 3.18.1 which references a revised Section 2.12 that includes references to RFC6531 and RFC5322 (per Comment 1 of Alexey Melnikov's IESG review; Comment #2 of Ben Campbell's IESG review)
(30) (text) Made explicit reference to Section 2.4 of [W3C.XML] in Section 4.1 when discussing escaping XML characters (per Comment 2 of Alexey Melnikov's IESG review; Comment #2 of Ben Campbell's IESG review)
(31) (text) Added a required expert review of IANA registered IODEF extension schemas per RFC 6685 (per Comment #1 of Alvaro Retana's IESG review)
(32) (text) Obsoleted RFC6685 (per Comment #2 of Alvaro Retana's IESG review)
-----Original Message-----
From: mile [mailto:mile-bounces@ietf.org] On Behalf Of internet-drafts@ietf.org
Sent: Monday, June 20, 2016 9:30 AM
To: i-d-announce@ietf.org
Cc: mile@ietf.org
Subject: [mile] I-D Action: draft-ietf-mile-rfc5070-bis-23.txt
A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Managed Incident Lightweight Exchange of the IETF.
Title : The Incident Object Description Exchange Format v2
Author : Roman Danyliw
Filename : draft-ietf-mile-rfc5070-bis-23.txt
Pages : 168
Date : 2016-06-20
Abstract:
The Incident Object Description Exchange Format (IODEF) defines a
data representation for security incident reports and indicators
commonly exchanged by operational security teams for mitigation and
watch and warning. This document describes an updated information
model for the IODEF and provides an associated data model specified
with XML Schema. This new information and data model obsoletes
Request for Comment (RFC) 5070 and 6685.
The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-mile-rfc5070-bis/
There's also a htmlized version available at:
https://tools.ietf.org/html/draft-ietf-mile-rfc5070-bis-23
A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-mile-rfc5070-bis-23
Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org.
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
_______________________________________________
mile mailing list
mile@ietf.org
https://www.ietf.org/mailman/listinfo/mile
- [mile] FW: I-D Action: draft-ietf-mile-rfc5070-bi… Roman D. Danyliw
- [mile] I-D Action: draft-ietf-mile-rfc5070-bis-23… internet-drafts